Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pOPX0MnZ60QrdIa-E0dk-2t_OVU.roa
File: pOPX0MnZ60QrdIa-E0dk-2t_OVU.roa (raw, json)
Hash identifier: Cpgi6gWIRXbSY4VDDDwyaFE+wfPjSTuvSshGtow4JGI=
Subject key identifier: A4:E3:D7:D0:C9:D9:EB:44:2B:74:86:BE:13:47:64:FB:6B:7F:39:55
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 4276B2D4
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pOPX0MnZ60QrdIa-E0dk-2t_OVU.roa
Signing time: Sat 01 Jan 2022 14:03:18 +0000
ROA not before: Sat 01 Jan 2022 14:03:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 53007
IP address blocks: 194.132.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1115075284 (0x4276b2d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a4e3d7d0c9d9eb442b7486be134764fb6b7f3955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c0:72:d5:47:f5:40:d5:8d:51:64:27:64:ca:
9c:76:61:48:77:fa:80:d2:50:2e:77:db:17:ac:de:
f4:d3:bf:04:73:17:ee:11:db:e7:68:2e:cd:39:a0:
dc:2e:af:f5:f4:b9:89:0e:1a:96:bf:a2:bb:84:cd:
30:41:b1:55:3b:ff:79:dd:cd:e0:b5:67:4c:8a:e9:
15:3a:40:34:6b:6f:75:1d:05:04:3f:27:c4:3e:89:
d3:91:8a:2d:f9:63:4a:49:05:d4:cc:8a:ab:bf:b4:
73:51:ce:4d:98:57:8e:3c:66:9a:3c:0d:67:d4:eb:
7d:59:95:f8:a3:a0:5f:80:4e:59:c7:41:d3:b8:7f:
45:63:91:39:63:18:92:b1:c2:d3:7f:67:47:b4:0b:
d1:d7:2e:95:39:e5:39:bc:91:fe:6f:ea:9b:b6:e0:
3c:e5:58:8b:af:c0:6a:48:4f:3a:2b:b2:4b:ef:be:
be:6a:cb:fe:4e:8f:fb:5e:c9:2d:e3:63:4a:ba:fb:
c7:1f:ae:9b:b8:97:b6:ac:8e:02:4f:96:33:fb:78:
d9:4b:e4:75:16:4c:2d:c2:6a:49:a7:bc:0a:6f:92:
2f:f4:e9:d7:a7:1f:a0:46:72:a0:76:86:93:db:01:
74:33:65:d2:8e:d7:14:96:df:e8:98:fd:64:43:3b:
e0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E3:D7:D0:C9:D9:EB:44:2B:74:86:BE:13:47:64:FB:6B:7F:39:55
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/pOPX0MnZ60QrdIa-E0dk-2t_OVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.132.122.0/24
Signature Algorithm: sha256WithRSAEncryption
90:94:44:d8:99:1d:91:f1:8c:81:0b:2a:9b:ea:18:26:78:56:
bb:5b:52:51:a3:b2:2e:e5:8b:64:5e:3d:8a:4c:59:4e:ef:02:
b7:85:90:79:95:a5:f8:74:92:8b:aa:4d:10:60:ef:bb:03:39:
18:d5:54:bb:20:dd:de:e0:d9:f2:35:c9:7e:95:ac:cd:bd:ec:
b0:91:b2:30:71:c8:dd:14:cf:c4:f3:66:0a:9c:32:a6:cc:4d:
d6:de:18:3d:d2:84:18:e0:95:8b:a8:66:8b:4b:eb:67:3b:67:
e8:64:54:e2:39:7d:29:f4:f6:4e:77:11:9d:00:14:5b:1e:19:
c3:1b:52:67:3e:10:8a:f5:48:84:a6:57:a5:5e:02:83:b4:34:
a4:7a:c7:05:de:ac:31:47:f6:1d:e1:f3:08:7e:6c:9c:92:ab:
61:46:6f:86:c7:f4:f0:b7:a0:13:25:21:06:e8:12:82:5f:12:
02:a4:3d:d0:59:70:ee:27:23:df:81:c0:41:14:3e:d3:d3:e0:
51:ec:5d:b6:72:27:fe:7a:b6:f2:e2:96:e9:6e:2d:d7:75:3a:
76:d0:53:cc:b7:95:0d:fe:e8:c6:d9:f6:cd:86:f3:30:91:fc:
bc:ec:94:14:04:a6:87:78:de:86:db:09:12:a6:b4:41:f3:5b:
bb:4f:72:78
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQnay1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTRlM2Q3ZDBjOWQ5
ZWI0NDJiNzQ4NmJlMTM0NzY0ZmI2YjdmMzk1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXActVH9UDVjVFkJ2TKnHZhSHf6gNJQLnfbF6ze9NO/BHMX
7hHb52guzTmg3C6v9fS5iQ4alr+iu4TNMEGxVTv/ed3N4LVnTIrpFTpANGtvdR0F
BD8nxD6J05GKLfljSkkF1MyKq7+0c1HOTZhXjjxmmjwNZ9TrfVmV+KOgX4BOWcdB
07h/RWOROWMYkrHC039nR7QL0dculTnlObyR/m/qm7bgPOVYi6/AakhPOiuyS+++
vmrL/k6P+17JLeNjSrr7xx+um7iXtqyOAk+WM/t42UvkdRZMLcJqSae8Cm+SL/Tp
16cfoEZyoHaGk9sBdDNl0o7XFJbf6Jj9ZEM74OMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSk49fQydnrRCt0hr4TR2T7a385VTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L3BPUFgwTW5aNjBRcmRJYS1FMGRrLTJ0X09WVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKEejANBgkqhkiG9w0BAQsFAAOC
AQEAkJRE2JkdkfGMgQsqm+oYJnhWu1tSUaOyLuWLZF49ikxZTu8Ct4WQeZWl+HSS
i6pNEGDvuwM5GNVUuyDd3uDZ8jXJfpWszb3ssJGyMHHI3RTPxPNmCpwypsxN1t4Y
PdKEGOCVi6hmi0vrZztn6GRU4jl9KfT2TncRnQAUWx4ZwxtSZz4QivVIhKZXpV4C
g7Q0pHrHBd6sMUf2HeHzCH5snJKrYUZvhsf08LegEyUhBugSgl8SAqQ90Flw7icj
34HAQRQ+09PgUexdtnIn/nq28uKW6W4t13U6dtBTzLeVDf7oxtn2zYbzMJH8vOyU
FASmh3jehtsJEqa0QfNbu09yeA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:13 2025 by rpki-client